Q&A with Continuum’s George: There Are 4 Technologies that Matter

We caught up with Michael George at Navigate 2018 in Boston to talk private equity, the MSP vs. MSSP discussion and more.

CONTINUUM NAVIGATE — Confession: I refuse to play Monopoly with my husband. He takes no prisoners and will go into hock to buy every property he lands on, even Baltic Avenue, strategically place hotels and sit back and wait for the cash to roll in. He likes the iron token for its “flattening the competition” symbolism.

I suspect playing the game with serial entrepreneur and Continuum CEO Michael George would be a similarly challenging experience. Under his watch, Continuum has grown since its launch in 2011 to seven offices globally, 1,400 employees and more than 1 million endpoints under management. As a successful Navigate 2018 wound down, I had a chance to catch up with George and talk about life under private-equity ownership, how long it will take for 20 percent of MSPs to snap up 80 percent of profits, and what might be the next target of the famously acquisition-hungry company.

We also touched on Continuum’s Veteran’s Foundation. John McCain recently visited Continuum’s Boston offices to talk about the work the company does to support veterans. Given McCain’s recent death, George was understandably proud and visibly moved when speaking of the support the late senator and war hero expressed for the program.

“Nine percent of the U.S. population serves in the armed forces,” said George. “But veterans make up 22 percent of the IT workforce.” The Continuum Veterans Foundation has donated more than $150,000 to organizations that support veterans, like Hire Heroes USA, and George says every employee spends 1 percent of the work year personally working on the cause.

Channel Futures:You stated in your keynote that Thoma Bravo owns 30 percent of all platform categories in the managed-service space.

Michael George: Remarkable, right? They have underwritten SolarWinds, ourselves, Barracuda, Riverbed, McAfee. They used to own Bomgar, the remote-control tool. If you add up the economics of those companies, it represents more than 30 percent of the entire platform providers of the MSP technology category.

Michael George

CF:You seem to relish being owned by private equity. Not all companies think that way, but you’ve obviously found it beneficial.

MG: Very much so.

LG:Do you feel that a single private-equity house being the point of concentration for so many of the platforms MSPs depend on should be worrisome? That’s a lot of power.

MG: No. For a couple of reasons, the answer is no. If you look at their investment strategy, they look into market categories and pay attention to the macroeconomics and the macrodynamics of [potential investments], and they invest in categories. What an endorsement. If I were an MSP and I saw that a company like Thoma Bravo were doing this, I’d be elated, thinking it’s amazing that they feel so strongly that they’re investing billions of dollars into this category. They’re not fools. They know exactly how things play out, they do a lot of analysis, so the fact that they’re that deep in the MSP category, I think, is a very beneficial thing.

What they do is, they look across the category and determine who they are confident are going to be the category leaders in their respective areas. Barracuda is a firewall. SolarWinds really sells more direct to small business than they do through the MSP. They have an MSP component as well, but we’re not really competitive with them. There’s a little bit of overlap, but not a lot. Maybe they’re even beneficially symbiotic to one another — you know, we benefit from being partnered up with half of those companies, so that’s not a bad thing.

So, no. We’re not worried about it all, in fact we think that [private-equity ownership is] a great benefit. We have a financial partner that deeply understands our market. We’re not one investment in a portfolio of 20 things that are unrelated. They know a ton about this space, and we benefit from that every day. Lots of people go knock on their door, and we get an opportunity to go look at and investigate those opportunities, too. It’s been a great benefit for us.

CF:So you see the companies Thoma Bravo acquiring as almost best of breed?

MG: They are the best of breed, yes. That’s exactly right. They don’t bet on the No. 2 company. They study the market and figure out who’s going to win, who’s going to dominate their respective categories, and then they get behind them and finance them and facilitate their growth and success.

CF:Pivoting to your keynote, you predict that 20 percent of MSPs will eventually scoop up 80 percent of profits. What do you feel the time frame is for that consolidation?

MG: That will be in the next three to five years, but I think the determining factors will play out over the next two. Literally over the next two years, you’re going to see the market get organized around the separation dynamics that I noted.

Look, you’ve been in the tech category for a long time, and you’ve seen this play out over and over and over again. We’re not inventing some new theory or principle here; this is just the way the world works. You normally see a catalyst that creates a rapid acceleration of that dynamic to play out, and the catalyst has arrived. It’s called cybercrime, and cybersecurity. It’s not a slowly evolving thing, it is a very ever-present thing, and it’s very real and it’s very real-time. So, companies that get organized around solving for that for their customers are going to have a certain set of attributes, and I listed them out: business lead, sales capacity, sales DNA, institutional capital – which could be debt, but institutional capital – and again, in an ideal world, the whole-suite, comprehensive solution so they’re not like, “Oh, we just do this and we don’t do that.”

Companies need to depend on one MSP, one technology partner. They’re not going to hire an MSP and separate managed security service provider — they’re just not going to do that. So that’s where the separation will really take place.

Then there’s geography. Go look at your MSP 501 list. I guarantee you they’ll lay out in the 30 NFL cities or in any multiple numbers of the 107 MSAs [metropolitan statistical areas]. They’re not in dusty, remote places where you’ve got to drive 100 miles to get to the next client. They’re in highly concentrated, business-centric communities. Now the good news is, there are a lot of these communities — 107. They happen to gravitate toward the high-value places where people highly value IT services, so it’s financial services and health care, construction, and the legal industry and so forth. These are laws of nature.

CF:I was wondering about the exclusion of hospitality and retail from the list of verticals you focus on.

MG: Those two industries happen to have a certain set of dynamics around them, hospitality and retail. Hospitality, you have major chains, and then you have little boutique bed and breakfasts, and there’s very little in between. So if you’re a large chain, if you’re Marriott, you have your own internal IT staff, you’re not relying on an independent MSP, you’re just not. So then you’re left with the little boutique shops and/or small, independently owned hotels.

And there again, if you’re Starbucks, you have a very large internal IT department. But if you’re Lorna and Michael’s Coffee Shop, we’re using a local MSP. The same is true in retail. You’re Lord & Taylor, you’re Neiman Marcus, you’ve got big IT. And if you’re a boutique, you’re depending on a local MSP.

Look, there are plenty of MSPs that have built beautiful businesses in that category, so I’m not dismissing it. But it does not command the wallet share and the premium that a 22-person law firm would, for instance. Or a nine-person dentist office or an insurance broker. It just doesn’t.

CF:Margins are tight.

MG: That’s right. Margins are tight in retail. And again, we’re not dismissing the vertical as unimportant, but it’s not one of the top five leading drivers of high-value places that you can build big IT services businesses.

CF:Let’s look at the competitive landscape for your core RMM business. The security and other new offerings should increase stickiness with the partners you have, but it’s still a competitive space. How do you see the landscape changing? do you see acquisitions on the horizon? Do you think some of your smaller competitors are going to be picked off?

MG: I think the landscape has already been defined. I think there are four major platform players in this market and then everybody else, and I don’t mean that in a disparaging way, but again, markets normally shake out where there [are] three or four major players, and then the rest gets pretty fragmented. So you have ourselves, you have Datto, you have ConnectWise, and you have SolarWinds. Kaseya’s working to make a play by combining a couple of assets inside their portfolio and buying a couple of small things in and around it, but that’s all I’ll say about that.

Without being dismissive, I think the market has spoken.

CF:Is that competitive enough?

MG: People can only count to three or four. It’s just too complicated with more. And MSPs – think about it – it’s hard running a small business. The last thing you should be spending your time doing is trying to manage all these different vendor relationships. This is not the place to put your time and energy, it should be spent with customers, growing your business, building your organization, not figuring out how to price-optimize one little product over another. It just doesn’t matter. And the smart businesses, MSPs that’ve really grown and who’ve formulated themselves well, they figure that out and they say, “Hey, I’m going to anchor my business in and around this.” As long as it’s one of the four, they’re fine.

CF:What are you looking at for acquisition, in general, in 2019? Security, security, security?

MG: We are acquisitive; we’ve been very, very clear about that. We’ve made two acquisitions to date, and they’ve been great — they’ve been well-integrated, they’ve been very successful. The CARVIR acquisition, even early on, has been very successful for us. We look for things that help our partners, so if you look around the ecosystem, if it’s something that we believe should be a core component of what we do, and we ought to own the IP around it, then ultimately we’ll either want to build it or buy it.

Right now we’ve expressed very clearly in my keynote yesterday, as you heard, our sense of urgency around this market. And we are operating with that same sense of urgency ourselves, so if we see a technology in the security category and the backup category or in the remote monitoring and management category that we believe helps accelerate our road map, those are the things we’re looking at doing.

And I know that was a general statement, but it’s a statement, to be clear, that even outside of security we’re still ambitiously pursuing acquisitions.

CF:There’s a lot of discussion going on about whether MSPs should rebrand as MSSPs, or does that imply customers need to go find someone else to do your basic tech? Where do you come down on that?

MG: I don’t think it’s a worthy discussion. I think having security as a fundamental part of your portfolio is a necessary element, and just rebranding yourself or calling yourself that is beside the point. I don’t know if you saw the CEO panel this morning, but [Thoma Bravo senior operating partner] David Murphy made the point that those things are converging as one. Nobody – no small business, any of the examples we talked about here, a 22-person law firm – is going to hire an MSP and a security service provider separately. They’re just not going to do that. Why would you do that? You can’t, as a practical matter. Those are two highly integrated functions.

So one of an MSP’s key services needs to be security. Throwing another word into the descriptor of your business, if it makes you feel better, I guess go do that, but it doesn’t change anything. The only thing that matters is this: All MSPs have to have a comprehensive security offering that includes not just endpoint protection but also detection and remediation. And if they don’t, we don’t think that the IT services business is going to be long for them. I don’t think you can survive without a comprehensive security offering.

CF:What is the one piece of advice you’d give MSPs going into 2019 to run their businesses better?

MG: There are four technologies that matter. We don’t provide all of them. One is a professional services automation; I do think having some level of a commercial enterprise-grade PSA – either ConnectWise or Autotask – is a very important thing from an operational, productivity standpoint. And then the three pillars of revenue-generating things on the service delivery side are RMM; security and BDR; and looking in at them in some integrated fashion, I think is a very smart thing.

Even independent of us, pivoting very clearly into providing a more advanced and more comprehensive and more proactive, preemptive security offering is an absolute imperative. We’d love for people to do it with us, but for those who don’t do it with us, do it. You don’t have an option. And don’t try to do it yourself; don’t try to go out and buy a tool, try to hire a security labor force. Cybercrime doesn’t come in at 9 and leave at 5. It’s a 24-hour-a-day, seven-day-a-week requirement to remediate effectively and MSPs, by and large, are not going to have the capacity to go and hire technicians.

They can’t run a SOC. They’ve been trying for years, but many of them have surrendered even trying to run a network operations center or a help desk. That’s facilitated the growth of our business, obviously, and I think they’re not going to kid themselves and think that they can go build a SOC. I think everybody understands fundamentally that that’s out of reach.

So, you asked what’s the once piece of advice? Run to the security opportunity, because if you don’t, you’ll be replaced by somebody who has.

Websites are now required by law to gain your consent before applying cookies. We use cookies to improve your
browsing experience. Parts of the website may not work as expected without them. By closing or ignoring this
message, you are consenting to our use of cookies.